Question 7 of 9

You have a Microsoft Sentinel workspace. The workspace has two connectors configured. One for Azure AD and another one for Microsoft Office 365.

Your organization has hired a new admin. The new admin will need access to Microsoft Sentinel. Your manager informs you the new admin will need to perform the following:

• Manage incidents
• Create and run playbooks

Your manager asks you which two roles should you assign to the new user?

The Contributor can perform everything the owner can except they can't assign roles.

The Logic App contributor role allows you to manage logic apps including playbooks and incidents.

The Microsoft Sentinel Reader cannot manage incidents. The role can only be used to read/view.

The Microsoft Sentinel Automation Contributor can add playbooks to automation rules. It isn't designed to be assigned to a user.

The Managed Application Operator Role allows you to read and manage actions on managed application resources.

https://www.gitbit.org/course/ms-500/learn/Collect-detect-investigate-and-respond-to-security-threats-using-Microsoft-Sentinel-LEyZMWBSt

https://docs.microsoft.com/en-us/azure/sentinel/roles